<?php

require_once '../include/common.inc.php';
require_once '../include/upfile.class.php';

// Access gate for the whole page: checkAdmin() comes from an include that is
// not shown here. A falsy result sends the client to index.php.
if (!checkAdmin()) {
    header('LOCATION:index.php');
    // Stop here so that none of the admin logic below runs after the redirect header.
    exit();
}

// Page-level state. $alert_message collects validation errors and $out_ary
// collects the rows of the news list further down in this script.
$alert_message = '';
$out_ary = array();
$guide_message = 'Info | News';
$page_title = 'JANSEN';
$menu_index = 3;

// Default search text, assigned before getMyParam('key') is called.
$key = 'Enter subject...';

// getMyParam() is defined in an include that is not shown here; presumably it
// copies the named request parameter into a global of the same name.
// NOTE(review): whether it escapes or filters the value cannot be seen from
// this file - confirm, because $action and $key are used in SQL and HTML below.
getMyParam('action');
getMyParam('key');

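// Handle the "add" and "edit" form submissions for a news item: read the form
// fields, validate them, store an optional picture and write the row.
// NOTE(review): no anti-CSRF token check is visible in this file for these
// state-changing actions - confirm whether the includes provide one.
if ($action == "add" || $action == "edit") {
    // getMyParam() is defined elsewhere; the variables used below are presumably
    // populated by these calls.
    getMyParam('nid');
    getMyParam('subject');
    getMyParam('address');
    getMyParam('details');

    getMyParam('subjectzh');
    getMyParam('addresszh');
    getMyParam('detailszh');

    getMyParam('up_pic');
    getMyParam('publish');
    getMyParam('online');
    getMyParam('offline');

    // An edit must name a row id. Accept only a positive decimal integer:
    // is_numeric() would also let values such as "1e3" or "1.5" through.
    if ($action == "edit" && (!preg_match('/\A[0-9]+\z/', (string) $nid) || (int) $nid <= 0)) {
        $alert_message .= "\n\nFailed.";
    }
    // strlen() counts bytes, so the limits below are byte limits.
    if (strlen($subject) < 2 || strlen($subject) > 60) {
        // The message now states both bounds that the condition enforces.
        $alert_message .= "\n\nSubject must be between 2 and 60 characters.";
    }
    if (strlen($address) > 100) {
        $alert_message .= "\n\nAddress must be no more than 100 characters.";
    }
    // getUnixTime() is defined elsewhere; a falsy result is treated as invalid.
    if (!$unix_online = getUnixTime($online)) {
        $alert_message .= "\n\nInvalid online.";
    }
    if (!$unix_offline = getUnixTime($offline)) {
        $alert_message .= "\n\nInvalid offline.";
    }

    // Optional picture upload.
    $file_name = '';
    $set_up_pic = false;
    // isset() guard: $_FILES has no 'up_pic' entry when the request carries no
    // such file field, and an array-style field name would make 'name' an array.
    $has_upload = isset($_FILES['up_pic']['size'], $_FILES['up_pic']['name'], $_FILES['up_pic']['tmp_name'])
        && !is_array($_FILES['up_pic']['name'])
        && $_FILES['up_pic']['size'] > 0
        && trim($_FILES['up_pic']['name']) != "";
    if ($has_upload) {
        $set_up_pic = true;

        // Check the file content on the server. The MIME list handed to
        // uploadFile below may be compared with the browser-supplied type
        // (the class is not shown here), and that value is chosen by the client.
        $tmp_path = $_FILES['up_pic']['tmp_name'];
        $image_info = is_uploaded_file($tmp_path) ? getimagesize($tmp_path) : false;
        $allowed_image_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG);

        if ($image_info === false || !in_array($image_info[2], $allowed_image_types, true)) {
            $alert_message .= "\n\nUploaded file is not a GIF or JPEG image.";
        } else {
            $upfile = new uploadFile($_FILES['up_pic']);
            $upfile->setFileName('J_A_NEWS_' . $timestamp);
            $upfile->setFileType(array('image/pjpeg', 'image/gif', 'image/jpeg'));
            $upfile->setAcceptOverwrite(0);
            $upfile->setStoreDir(JANSEN_ROOT . 'attachments/');
            $upfile->setMaxSize(1024 * 1024 * 2);
            // NOTE(review): the stored extension is decided inside uploadFile.
            // Confirm that it comes from a fixed allowlist rather than from the
            // client file name, and that attachments/ is not served as executable.

            if (!$upfile->save()) {
                $alert_message .= "\n\n" . $upfile->error_msg;
            }
            $file_name = $upfile->fileName;
        }
    }

    // Write to the database only when every check above passed.
    if ($alert_message == "") {
        // NOTE(review): the statements below are built by string interpolation.
        // They are safe only if getMyParam() escapes every value for SQL, which
        // cannot be seen from this file; $publish and $details get no check here
        // at all. Prefer bound parameters if the $db wrapper supports them.
        if ($action == "add") {
            $sql = "INSERT INTO `news` (`subject`, `details`, `address`,`subjectzh`, `detailszh`, `addresszh`, `pic`, `online`, `offline`, `publish_flag`) VALUES ('$subject', '$details', '$address','$subjectzh', '$detailszh', '$addresszh', '$file_name', '$unix_online', '$unix_offline', '$publish')";
            $db->query($sql);
        }

        if ($action == "edit") {
            if ($file_name == "" && !$set_up_pic) {
                // No new picture: leave the `pic` column untouched.
                $sql = "UPDATE `news` SET
                       `subject` = '$subject',
                       `details` = '$details',
                       `address` = '$address',
                       `subjectzh` = '$subjectzh',
                       `detailszh` = '$detailszh',
                       `addresszh` = '$addresszh',
                       `online` = '$unix_online',
                       `offline` = '$unix_offline',
                       `publish_flag` = '$publish'
                       WHERE `id` = '$nid'";
            } else {
                $sql = "UPDATE `news` SET
                       `subject` = '$subject',
                       `details` = '$details',
                       `address` = '$address',
                       `subjectzh` = '$subjectzh',
                       `detailszh` = '$detailszh',
                       `addresszh` = '$addresszh',
                       `pic` = '$file_name',
                       `online` = '$unix_online',
                       `offline` = '$unix_offline',
                       `publish_flag` = '$publish'
                       WHERE `id` = '$nid'";
            }
            $db->query($sql);

            // goFromPage() is defined elsewhere; presumably it redirects back to
            // the page the form was opened from.
            goFromPage();
        }

        header("LOCATION:i_news.php");
        exit;
    }

}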

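// Delete one news item by id.
// NOTE(review): no anti-CSRF token check is visible in this file, so whether a
// forged request from another site could trigger this delete depends on the
// includes and on how getMyParam() reads the request - confirm.
if ($action == "del") {
    getMyParam('nid');

    // Integer-only check: is_numeric() would also accept values such as "1e3"
    // or "1.5", which are not row ids.
    if (preg_match('/\A[0-9]+\z/', (string) $nid) && (int) $nid > 0) {

        // The id is cast to int so that no request text reaches the SQL string.
        $sql = "DELETE FROM `news` WHERE `id` = '" . (int) $nid . "'";
        $db->query($sql);

    }

    // goFromPage() is defined elsewhere; it is called whether or not a row was deleted.
    goFromPage();
}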

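// Build the WHERE clause and the pagination base URL for the news list.
// The offline-date filter below is disabled; every row is listed.
//$sql_where = "WHERE `offline` > '$timestamp'";
$sql_where = "WHERE 1 = 1 ";

$page_url = 'i_news.php?';
if ($action == "search" && trim($key) != "") {
    // NOTE(review): $key is request data interpolated into the statement. This
    // is safe only if getMyParam() escapes it for SQL, which cannot be seen
    // from this file. LIKE wildcards (% and _) in $key are not escaped either.
    $sql_where .= " AND `subject` LIKE '%$key%'";
    // URL-encode the search text so that characters such as &, #, quotes or
    // spaces cannot break the query string or the link built from it.
    $page_url = 'i_news.php?action=search&key=' . urlencode($key) . '&';
}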


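// *** page code start ***
// Count the matching rows, then derive the current page and the LIMIT offset.
$sql = "SELECT `id` FROM `news` $sql_where";
$query = $db->query($sql);
$sql_all_num = $db->num_rows($query);

$ppp = 10; // rows per page
getMyParam('page');
// ispage() is defined elsewhere. The accepted value is cast to int and clamped
// to 1 so that the arithmetic below and the LIMIT clause only ever see a
// positive integer, whatever ispage() lets through.
$page = empty($page) || !ispage($page) ? 1 : max(1, (int) $page);
$start_limit = ($page - 1) * $ppp;
// ">=": an offset equal to the row count is already past the last row, so it
// falls back to the first page instead of rendering an empty one.
if ($start_limit >= $sql_all_num) {
    $start_limit = 0;
    $page = 1;
}

// getPageStr() is defined elsewhere; it receives the total, the current page,
// the page size and the base URL.
$page_show = getPageStr($sql_all_num, $page, $ppp, $page_url);

// *** page code end ***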

// Fetch the current page of news rows into $out_ary, newest id first.
// The search condition does not change while the rows are read, so it is
// evaluated once up front.
$highlight_key = ($action == "search" && trim($key) != "");

$sql = "SELECT `id`, `subject`, `address`,`addresszh`, `publish_flag`, `online`, `offline` FROM `news` $sql_where ORDER BY id DESC LIMIT $start_limit, $ppp";
$query = $db->query($sql);
while ($rs = $db->fetch_array($query)) {
    if ($highlight_key) {
        // Wrap each occurrence of the search text in a red <font> tag.
        // NOTE(review): $key and the stored subject are placed into markup here
        // without HTML-encoding. Whether that is safe depends on getMyParam()
        // and on the a_i_news template, neither of which is shown - confirm
        // that one of them encodes these values for HTML output.
        $rs['subject'] = str_replace($key, "<font color=red>$key</font>", $rs['subject']);
    }
    $out_ary[] = $rs;
}



// Debug output is switched on unconditionally before debuginfo() is called.
// NOTE(review): debuginfo() is defined elsewhere; if it prints query or timing
// details, this hard-coded 1 exposes them on every request - confirm that this
// is intended outside development.
$debug = 1;
debuginfo();

// Render the page: the admin menu, then the header, news and footer templates.
// PrintEot() is defined elsewhere and returns the path that is required here;
// it is only ever called with the fixed names below, never with request data.
include_once(JANSEN_ROOT . 'admin/menu_list.php');
require_once PrintEot('a_header');
require_once PrintEot('a_i_news');
require_once PrintEot('a_footer');

?>